Symantec ESM Weak Encryption Between Nodes

1998-08-28T00:00:00
ID OSVDB:3159
Type osvdb
Reporter OSVDB
Modified 1998-08-28T00:00:00

Description

Vulnerability Description

Axent Enterprise Security Manager (ESM) utilizes extremely weak encryption to communicate between clients and management consoles. The problem lies with ESM relying on XOR based "encryption" to protect sensitive data passing between clients. Further, the authentication scheme that verifies a client is legitimate can be easily spoofed allowing an attacker to send whatever data they please, as well as sniff other traffic and gain detailed information on security vulnerabilities across the entire network.

Technical Description

Formerly Axent ESM

Solution Description

Upgrade to version 4.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Axent Enterprise Security Manager (ESM) utilizes extremely weak encryption to communicate between clients and management consoles. The problem lies with ESM relying on XOR based "encryption" to protect sensitive data passing between clients. Further, the authentication scheme that verifies a client is legitimate can be easily spoofed allowing an attacker to send whatever data they please, as well as sniff other traffic and gain detailed information on security vulnerabilities across the entire network.

References:

Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1998_4/0576.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/1998_3/0641.html